7670 matches found

Veracode
added 2024/12/24 4:54 a.m. | 14 views

Deserialization Of Untrusted Data

Drupal Core is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to insecure deserialization of untrusted data, which allows an attacker to inject malicious objects that can be exploited through a gadget chain to achieve remote code execution...

9.8 CVSS | 7.9 AI score | 0.11473 EPSS
Exploits: 0 | References: 4 | Affected Software: 3
GithubExploit
added 2024/12/16 5:33 p.m. | 478 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2024-1086 For learning purpose. Refer: - https://pwning...

7.8 CVSS | 7.6 AI score | 0.84554 EPSS
Exploits: 15
NCSC
added 2024/12/10 7:34 p.m. | 2 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in SAP NetWeaver, ABAP, Web Dispatcher, Business Objects, HCM and Commerce Cloud. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Cross-Site Scripting XSS. - Server-Side Request Forgery SSRF. ...

9.1 CVSS | 7.1 AI score | 0.00712 EPSS
Exploits: 0 | References: 1
OSV
added 2024/12/10 5:15 p.m. | 2 views

CVE-2024-55547

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP-420: through 2.01e...

9.8 CVSS | 5.8 AI score
Exploits: 0 | References: 2
BDU FSTEC
added 2024/12/09 12:0 a.m. | 1 views

The vulnerability of the Qlik Sense Enterprise data analysis platform, related to errors in processing input data from higher-level components, allows a perpetrator to execute arbitrary code.

The vulnerability of the Qlik Sense Enterprise data analysis platform is related to errors in processing input data from higher-level components. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by creating specially crafted connection objects remotely...

10 CVSS | 0.00314 EPSS
Exploits: 0 | References: 2
CNNVD
added 2024/12/09 12:0 a.m. | 1 views

Qlik Sense security vulnerability

Qlik Sense is an application from Qlik, Inc. that allows users to create visualizations, charts, interactive dashboards, and analytical applications for local and offline use. A security vulnerability exists in Qlik Sense Enterprise for Windows prior to November 2024 IR, which stems from the fact...

8.8 CVSS | 6.5 AI score | 0.00314 EPSS
Exploits: 0 | References: 2
SUSE CVE
added 2024/12/08 3:48 a.m. | 1 views

SUSE CVE-2024-53143

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

5.5 CVSS | 7.5 AI score | 0.00047 EPSS
Exploits: 1 | References: 3
NVD
added 2024/12/07 7:15 a.m. | 14 views

CVE-2024-53143

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

7.8 CVSS | 0.00047 EPSS
Exploits: 1 | References: 4
OSV
added 2024/12/07 7:15 a.m. | 1 views

DEBIAN-CVE-2024-53143

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

7.8 CVSS | 5.9 AI score | 0.00047 EPSS
Exploits: 1 | References: 1
Debian CVE
added 2024/12/07 6:40 a.m. | 18 views

CVE-2024-53143

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

7.8 CVSS | 5.8 AI score | 0.00047 EPSS
Exploits: 1
Vulnrichment
added 2024/12/07 6:40 a.m. | 15 views

CVE-2024-53143 fsnotify: Fix ordering of iput() and watched_objects decrement

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

6.7 AI score | 0.00047 EPSS
Exploits: 1 | References: 4
Cvelist
added 2024/12/07 6:40 a.m. | 31 views

CVE-2024-53143 fsnotify: Fix ordering of iput() and watched_objects decrement

In the Linux kernel, the following vulnerability has been resolved: fsnotify: Fix ordering of iput() and watched_objects decrement. Ensure the superblock is kept alive until we're done with iput. Holding a reference to an inode is not allowed unless we ensure the superblock stays alive, which fsnotif...

0.00047 EPSS
Exploits: 1 | References: 4
CNNVD
added 2024/12/07 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a misordered reduction of iput and watched_objects counts in the fsnotify component, which could lead to reus...

7.8 CVSS | 6.8 AI score | 0.00047 EPSS
Exploits: 1 | References: 4
CNNVD
added 2024/12/06 12:0 a.m. | 1 views

ClipBucket code issue vulnerability

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A code issue vulnerability exists in ClipBucket versions 2.0 through 5.5.1-199, which stems from susceptibility to a PHP deserialization vulnerability and improper inpu...

9.8 CVSS | 7 AI score | 0.00254 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/12/06 12:0 a.m. | 1 views

ClipBucket security vulnerability

ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A security vulnerability exists in ClipBucket 5.5.1-199 and earlier versions, which stems from vulnerability to a PHP deserialization vulnerability and improper input...

9.8 CVSS | 6.7 AI score | 0.00254 EPSS
Exploits: 1 | References: 2
SUSE CVE
added 2024/12/05 12:16 a.m. | 1 views

SUSE CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers. When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the obj pointer,...

5.5 CVSS | 7.7 AI score | 0.00022 EPSS
Exploits: 0 | References: 3
OSV
added 2024/12/04 3:15 p.m. | 2 views

AZL-54277 CVE-2024-53128 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers. When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the obj pointer,...

5.5 CVSS | 6.8 AI score | 0.00022 EPSS
Exploits: 0 | References: 1
OSV
added 2024/12/04 3:15 p.m. | 1 views

DEBIAN-CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers. When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the obj pointer,...

5.5 CVSS | 5.7 AI score | 0.00022 EPSS
Exploits: 0 | References: 1
OSV
added 2024/12/04 3:15 p.m. | 1 views

UBUNTU-CVE-2024-53128

In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers. When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the obj pointer,...

5.5 CVSS | 6.2 AI score | 0.00022 EPSS
Exploits: 0 | References: 27
CVE
added 2024/12/04 2:20 p.m. | 166 views

CVE-2024-53128

The CVE-2024-53128 issue is in the Linux kernel’s sched/task_stack path: when CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, object_is_on_stack() may yield incorrect results because tagged pointers in the object could differ from the untagged stack pointer. The result can trigger warnin...

5.5 CVSS | 6.5 AI score | 0.00022 EPSS
Exploits: 0 | References: 6 | Affected Software: 1